[Virus sample] A logogo variant from a malicious-site post, plus the 44 files it downloads

promised
Posted on 2007-11-18 17:32:55
http://x.98725.com/00001.exe
................
http://x.98725.com/00012.exe
+
http://x.98725.com/00026.exe
http://x.98725.com/mylm.exe

They are even split up
http://p.98725.com/00013.exe
.............
http://p.98725.com/00025.exe
+
http://p.98725.com/wd.exe
http://p.98725.com/mylm.exe
http://p.98725.com/mhlm.exe

[ Last edited by promised on 2007-11-18 17:34 ]

Graybird
Posted on 2007-11-18 17:35:14

35+9

Starting the file scan:

Begin scan in 'E:\1.rar'
E:\1.rar
  [0] Archive type: RAR
  --> 1.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGam.hti
      [INFO]      The file was deleted!
Begin scan in 'E:\样本1.rar'
E:\样本1.rar
  [0] Archive type: RAR
  --> LotusHlp.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> 00026.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> wd.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> mhlm.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> 00013.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 00014.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 00015.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hop
  --> 00016.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 00017.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hoo
  --> 00018.exe
      [DETECTION] Is the Trojan horse TR/CrashSystem.C
  --> 00019.exe
      [DETECTION] Is the Trojan horse TR/CrashSystem.C
  --> 00020.exe
      [DETECTION] Is the Trojan horse TR/FWDisable.23902
  --> 000.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> mylm.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> avwldmn.dll
      [DETECTION] Is the Trojan horse TR/FWDisable.23902
  --> avzxfmn.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> kapjezy.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> kawdezy.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hop
  --> ratbjpi.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> wsjrezx.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hoo
  --> wszjazx.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> rarjdpi.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hit
  --> kvmxhma.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.htv
  --> ratbipi.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hod
  --> kvdxjma.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> kvdxsima.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> raqjdpi.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hor
  --> rsmyhpm.dll
      [DETECTION] Is the Trojan horse TR/FWDisable.23372
  --> rsztjpm.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> 00001.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.htv
  --> 00002.exe
      [DETECTION] Is the Trojan horse TR/FWDisable.23372
  --> 00003.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 00005.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 00006.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> 00007.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hit
  --> 00008.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 00009.exe
      [DETECTION] Is the Trojan horse TR/CrashSystem.C
  --> 00004.exe
      [DETECTION] Is the Trojan horse TR/PSW.Wow.acd
  --> 00010.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 00011.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 00012.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hor
  --> 00021.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hod
  --> Wn_Sys8x.Sys
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was deleted!


End of the scan: 2007年11月18日  17:35
Used time: 00:34 min

The scan has been done completely.

      0 Scanning directories
     47 Files were scanned
     35 viruses and/or unwanted programs were found
      9 Files were classified as suspicious:
      2 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     12 Files not concerned
      2 Archives were scanned
      0 Warnings
      0 Notes
promised
Original poster | Posted on 2007-11-18 17:37:36

all kill

C:\ABC\样本1\000.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\000.exe
        C:\ABC\样本1\00001.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00001.exe
        C:\ABC\样本1\00002.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00002.exe
        C:\ABC\样本1\00003.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00003.exe
        C:\ABC\样本1\00004.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本1\00004.exe
        C:\ABC\样本1\00005.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本1\00005.exe
        C:\ABC\样本1\00006.exe
        C:\ABC\样本1\00006.exe\FILE:0000
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\样本1\00006.exe\FILE:0000
>>> Virus 'Mal/Dropper-H' found in file C:\ABC\样本1\00006.exe
        C:\ABC\样本1\00007.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00007.exe
        C:\ABC\样本1\00008.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00008.exe
        C:\ABC\样本1\00009.exe
        C:\ABC\样本1\00009.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本1\00009.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本1\00009.exe
        C:\ABC\样本1\00010.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00010.exe
        C:\ABC\样本1\00011.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00011.exe
        C:\ABC\样本1\00012.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00012.exe
        C:\ABC\样本1\00013.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00013.exe
        C:\ABC\样本1\00014.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00014.exe
        C:\ABC\样本1\00015.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00015.exe
        C:\ABC\样本1\00016.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00016.exe
        C:\ABC\样本1\00017.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00017.exe
        C:\ABC\样本1\00018.exe
        C:\ABC\样本1\00018.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本1\00018.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本1\00018.exe
        C:\ABC\样本1\00019.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本1\00019.exe
        C:\ABC\样本1\00020.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00020.exe
        C:\ABC\样本1\00021.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00021.exe
        C:\ABC\样本1\00026.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本1\00026.exe
        C:\ABC\样本1\avwldmn.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本1\avwldmn.dll
        C:\ABC\样本1\avzxfmn.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本1\avzxfmn.dll
        C:\ABC\样本1\kapjezy.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本1\kapjezy.dll
        C:\ABC\样本1\kaqhizy.dll
>>> Virus 'Mal/Behav-001' found in file C:\ABC\样本1\kaqhizy.dll
        C:\ABC\样本1\kawdezy.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本1\kawdezy.dll
        C:\ABC\样本1\kvdxjma.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本1\kvdxjma.dll
        C:\ABC\样本1\kvdxsima.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本1\kvdxsima.dll
        C:\ABC\样本1\kvmxhma.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本1\kvmxhma.dll
        C:\ABC\样本1\LotusHlp.dll
>>> File "C:\ABC\样本1\LotusHlp.dll" has been identified as suspicious 'Sus/Malware-B'.
        C:\ABC\样本1\mhlm.exe
        C:\ABC\样本1\mhlm.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本1\mhlm.exe
        C:\ABC\样本1\mylm.exe
        C:\ABC\样本1\mylm.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本1\mylm.exe
        C:\ABC\样本1\raqjdpi.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本1\raqjdpi.dll
        C:\ABC\样本1\rarjdpi.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本1\rarjdpi.dll
        C:\ABC\样本1\ratbipi.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本1\ratbipi.dll
        C:\ABC\样本1\ratbjpi.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本1\ratbjpi.dll
        C:\ABC\样本1\rsmyhpm.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本1\rsmyhpm.dll
        C:\ABC\样本1\rsztjpm.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本1\rsztjpm.dll
        C:\ABC\样本1\wd.exe
        C:\ABC\样本1\wd.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本1\wd.exe
        C:\ABC\样本1\Wn_Sys8x.Sys
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\样本1\Wn_Sys8x.Sys
        C:\ABC\样本1\wsjrezx.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本1\wsjrezx.dll
        C:\ABC\样本1\wszjazx.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本1\wszjazx.dll

44 files swept in 15 seconds.
46 viruses were discovered.
1 suspicious file was discovered.
44 files out of 44 were infected.
Please send infected samples to Sophos for analysis.
For advice consult www.sophos.com, email support@sophos.com
or telephone +44 1235 559933
Ending Sophos Anti-Virus.
>>> Virus 'Mal/GamePSW-C' found in file C:\ABC\1.rar\1.exe
promised
Original poster | Posted on 2007-11-18 17:38:01
C:\ABC\1.rar:\1.exe - 特征码 'Trojan-Spy.Win32.Banker.ahy' 被发现
C:\ABC\1.rar
C:\ABC\样本1\000.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本1\00001.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本1\00002.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本1\00003.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本1\00004.exe - 特征码 'Trojan-Downloader.Win32.Pux.d' 被发现
C:\ABC\样本1\00005.exe - 特征码 'Trojan-Spy.Win32.Agent.hz' 被发现
C:\ABC\样本1\00006.exe - 特征码 'Virus.Win32.AutoRun.bs' 被发现
C:\ABC\样本1\00007.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本1\00008.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本1\00009.exe - 特征码 'Trojan-Downloader.Win32.Pux.d' 被发现
C:\ABC\样本1\00010.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本1\00011.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本1\00012.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本1\00013.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本1\00014.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本1\00015.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本1\00016.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本1\00017.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本1\00018.exe - 特征码 'Trojan-Downloader.Win32.Pux.d' 被发现
C:\ABC\样本1\00019.exe - 特征码 'Trojan-Downloader.Win32.Pux.d' 被发现
C:\ABC\样本1\00020.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本1\00021.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本1\00026.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本1\avwldmn.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本1\avzxfmn.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本1\kapjezy.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本1\kaqhizy.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本1\kawdezy.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本1\kvdxjma.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本1\kvdxsima.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本1\kvmxhma.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本1\LotusHlp.dll - 特征码 'Trojan-PWS.Win32.OnLineGames.hzt' 被发现
C:\ABC\样本1\mhlm.exe - 特征码 'Trojan.Win32.Small.ug' 被发现
C:\ABC\样本1\mylm.exe - 特征码 'Generic.FWB' 被发现
C:\ABC\样本1\raqjdpi.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本1\rarjdpi.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本1\ratbipi.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本1\ratbjpi.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本1\rsmyhpm.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本1\rsztjpm.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本1\wd.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本1\Wn_Sys8x.Sys - 特征码 'Trojan-Proxy.Win32.Delf.AN' 被发现
C:\ABC\样本1\wsjrezx.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本1\wszjazx.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现

        46 文件被扫描
          (1 压缩档 1 文件)
        45 特征码被侦测
        0 可疑代码段被发现
        耗时: 0:00.329
uhthn2002
Posted on 2007-11-18 17:38:06
Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 939
Paranoia Database - 48881
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\Uhthn\Desktop\New Folder (2)

C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\1.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\LotusHlp.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00026.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\wd.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\mhlm.exe - Suspected MaliciousScope:GENERIC.MALWARE.2
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00013.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00014.exe - Infected TROJAN-PSW.ONLINEGAMES.112 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00015.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00016.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00017.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00018.exe - Infected TROJAN-PSW.ONLINEGAMES.48 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00019.exe - Infected TROJAN-PSW.ONLINEGAMES.48 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00020.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\000.exe - Infected TROJAN-PSW.ONLINEGAMES.112 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\mylm.exe - Suspected MaliciousScope:GENERIC.MALWARE.2
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\avwldmn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\avzxfmn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\kapjezy.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\kawdezy.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\ratbjpi.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\wsjrezx.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\wszjazx.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\rarjdpi.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\kaqhizy.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\kvmxhma.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\ratbipi.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\kvdxjma.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\kvdxsima.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\raqjdpi.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\rsmyhpm.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\rsztjpm.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00001.exe - Infected TROJAN-PSW.ONLINEGAMES.109 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00002.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00003.exe - Infected TROJAN-PSW.ONLINEGAMES.111 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00005.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00006.exe - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00007.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00008.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00009.exe - Infected TROJAN-PSW.ONLINEGAMES.48 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00004.exe - Infected TROJAN-PSW.ONLINEGAMES.48 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00010.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00011.exe - Infected TROJAN-PSW.ONLINEGAMES.83 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00012.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\00021.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\Wn_Sys8x.Sys - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted

45 Files scanned
28 Infected files found
17 Suspected files found
0 Files disinfected
28 Files deleted
promised
Original poster | Posted on 2007-11-18 17:41:56

miss1

F-PROT Antivirus version 6.2.1
FRISK Software International (C) Copyright 1989-2007

Engine version: 4.4.2.54
Virus signatures: 200711162014d724ecaa9ac16aa3e7924524ebc2c9f6
                  (C:\Documents and Settings\All Users.WINDOWS\Application Data\FRISK Software\F-PROT Antivirus for Windows\antivir.def)

[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\1\1.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\000.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00001.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00002.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00003.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00004.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00005.exe->(UPack)
[Clean]    C:\ABC\样本1\00006.exe->(UPX)
[Clean]    C:\ABC\样本1\00006.exe
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00007.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00008.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00009.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00010.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00011.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00012.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00013.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00014.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00015.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00016.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00017.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00018.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00019.exe->(UPack)
[Found password stealer] <W32/Pws.XKY (exact)>         C:\ABC\样本1\00020.exe
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00021.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\00026.exe->(UPack)
[Found password stealer] <W32/Pws.XJY (exact)>         C:\ABC\样本1\avwldmn.dll
[Found password stealer] <W32/OnlineGames.A.gen!Eldorado (generic, not disinfectable)>         C:\ABC\样本1\avzxfmn.dll
[Found password stealer] <W32/OnlineGames.A.gen!Eldorado (generic, not disinfectable)>         C:\ABC\样本1\kapjezy.dll
[Found security risk] <W32/OnlineGames.A.gen!GSA (generic, not disinfectable)>         C:\ABC\样本1\kaqhizy.dll
[Found password stealer] <W32/OnlineGames.A.gen!Eldorado (generic, not disinfectable)>         C:\ABC\样本1\kawdezy.dll
[Found password stealer] <W32/OnlineGames.A.gen!Eldorado (generic, not disinfectable)>         C:\ABC\样本1\kvdxjma.dll
[Found password stealer] <W32/OnlineGames.A.gen!Eldorado (generic, not disinfectable)>         C:\ABC\样本1\kvdxsima.dll
[Found password stealer] <W32/OnlineGames.A.gen!Eldorado (generic, not disinfectable)>         C:\ABC\样本1\kvmxhma.dll
[Found password stealer] <W32/OnlineGames.A.gen!Eldorado (generic, not disinfectable)>         C:\ABC\样本1\LotusHlp.dll
[Found downloader] <W32/Downloader.N.gen!Eldorado (generic, not disinfectable)>         C:\ABC\样本1\mhlm.exe->(FSG)
[Found security risk] <W32/Injector.A.gen!Eldorado (generic, not disinfectable)>         C:\ABC\样本1\mylm.exe->(FSG)
[Found security risk] <W32/OnlineGames.A.gen!GSA (generic, not disinfectable)>         C:\ABC\样本1\raqjdpi.dll
[Found password stealer] <W32/Pws.XLX (exact)>         C:\ABC\样本1\rarjdpi.dll
[Found password stealer] <W32/OnlineGames.A.gen!Eldorado (generic, not disinfectable)>         C:\ABC\样本1\ratbipi.dll
[Found password stealer] <W32/OnlineGames.A.gen!Eldorado (generic, not disinfectable)>         C:\ABC\样本1\ratbjpi.dll
[Found security risk] <W32/OnlineGames.A.gen!GSA (generic, not disinfectable)>         C:\ABC\样本1\rsmyhpm.dll
[Found password stealer] <W32/OnlineGames.A.gen!Eldorado (generic, not disinfectable)>         C:\ABC\样本1\rsztjpm.dll
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>         C:\ABC\样本1\wd.exe->(UPack)
[Found virus] <W32/InfoStealer!Generic>         C:\ABC\样本1\Wn_Sys8x.Sys
[Found password stealer] <W32/OnlineGames.A.gen!Eldorado (generic, not disinfectable)>         C:\ABC\样本1\wsjrezx.dll
[Found password stealer] <W32/OnlineGames.A.gen!Eldorado (generic, not disinfectable)>         C:\ABC\样本1\wszjazx.dll


Results:

Files: 45
Skipped files: 0
MBR/boot sectors checked: 0
Objects scanned: 46
Infected objects: 44
Files with errors: 0
Disinfected: 0

Running time: 00:02
挪威的冬天
Posted on 2007-11-18 17:49:09
LONG LONG WAY TO GO

39+1

信息        2007-11-18  17:47:50        金山毒霸主程序查毒过程结束,查毒方式:命令行查毒                       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00021.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00012.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00011.exe        Win32.Troj.OnLineGamesT.gp.15597        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00010.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00004.exe        Win32.Troj.OnlineGamesT.eo.14796        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00009.exe        Win32.Troj.OnlineGamesT.eo.14796        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00008.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00007.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00006.exe        Win32.Troj.QQPassT.ak.110721        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00003.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00002.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00001.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\rsztjpm.dll        Win32.Troj.OnLimeGamesT.zf.21080        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\rsmyhpm.dll        Win32.Troj.OnlineGamesT.fd.19570        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\raqjdpi.dll        Win32.Troj.OnLimeGamesT.zf.21080        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\kvdxsima.dll        Win32.Troj.OnlineGamesT.ty.24902        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\kvdxjma.dll        Win32.Troj.OnlineGamesT.ty.24902        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\ratbipi.dll        Win32.Troj.OnlineGamesT.ty.24902        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\kvmxhma.dll        Win32.Troj.OnlineGamesT.ty.24902        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\kaqhizy.dll        Win32.Troj.OnlineGamesT.fd.19570        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\rarjdpi.dll        Win32.Troj.OnlineGamesT.fd.19570        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\wszjazx.dll        Win32.Troj.DelfT.lm.21580        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\wsjrezx.dll        Win32.Troj.OnLimeGamesT.zf.21080        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\ratbjpi.dll        Win32.Troj.OnlineGamesT.ty.24902        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\kawdezy.dll        Win32.Troj.OnlineGamesT.ty.24902        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\kapjezy.dll        Win32.Troj.OnlineGamesT.ty.24902        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\avzxfmn.dll        Win32.Troj.OnlineGamesT.ty.24902        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\avwldmn.dll        Win32.Troj.OnLimeGamesT.zf.21080        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\000.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00020.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00019.exe        Win32.Troj.OnlineGamesT.eo.14796        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00018.exe        Win32.Troj.OnlineGamesT.eo.14796        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00017.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00016.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00015.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00014.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00013.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\wd.exe        Win32.Troj.OnlineGames.wd.11960        跳过,未处理       
病毒        2007-11-18  17:47:50        C:\Documents and Settings\Norways Winter\桌面\样本1.rar\00026.exe        Win32.Troj.AgentT.fm.14452        跳过,未处理       



信息        2007-11-18  17:47:44        金山毒霸主程序查毒过程结束,查毒方式:命令行查毒                       
病毒        2007-11-18  17:47:44        C:\Documents and Settings\Norways Winter\桌面\1.rar\1.exe        Win32.LwyMum.h.147456        跳过,未处理
qigang
Posted on 2007-11-18 18:04:07

74/32

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Win32.Logogo.b           
病毒: Trojan.PSW.Win32.GameOnline.ahg
病毒: Trojan.PSW.Win32.GameOnline.agc
病毒: Trojan.PSW.Win32.LMir.yyr
病毒: Trojan.PSW.Win32.XYOnline.ry
病毒: Trojan.PSW.Win32.NSword.ck
病毒: Trojan.PSW.Win32.QQSG.aa
病毒: Trojan.PSW.Win32.GameOnline.vk
病毒: Trojan.PSW.Win32.GameOnline.vm
病毒: Trojan.PSW.Win32.GameOnline.agc
病毒: Trojan.PSW.Win32.NSword.ck
病毒: Trojan.PSW.Win32.GameOnline.aff
病毒: Trojan.PSW.Win32.GameOnline.agd
病毒: Trojan.PSW.Win32.GameOnline.zy
病毒: Trojan.PSW.Win32.QQHX.try
病毒: Trojan.PSW.Win32.XYOnline.sg
病毒: Trojan.PSW.Win32.TLOnline.jjn
病毒: Trojan.PSW.Win32.XYOnline.sn
病毒: Trojan.PSW.Win32.XYOnline.sf
病毒: Trojan.PSW.Win32.RocOnline.hv
病毒: Trojan.PSW.Win32.XYOnline.sg
病毒: Trojan.PSW.Win32.XYOnline.sf
病毒: Trojan.PSW.Win32.GameOnline.ahg
病毒: Trojan.PSW.Win32.GameOnline.zy
病毒: Trojan.PSW.Win32.QQSG.ac
病毒: Trojan.PSW.Win32.XYOnline.sn
病毒: Trojan.PSW.Win32.GameOnline.agy
病毒: Trojan.PSW.Win32.YBOnline.bx

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.18.61
kkgh
Posted on 2007-11-18 18:53:19
瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: Trojan.PSW.Win32.GameOnline.ahg
病毒: Trojan.PSW.Win32.GameOnline.agc
病毒: Trojan.PSW.Win32.LMir.yyr
病毒: Trojan.PSW.Win32.XYOnline.ry
病毒: Trojan.PSW.Win32.NSword.ck
病毒: Trojan.PSW.Win32.QQSG.aa
病毒: Trojan.PSW.Win32.GameOnline.vk
病毒: Trojan.PSW.Win32.GameOnline.vm
病毒: Trojan.PSW.Win32.GameOnline.agc
病毒: Trojan.PSW.Win32.NSword.ck
病毒: Trojan.PSW.Win32.GameOnline.aff
病毒: Trojan.PSW.Win32.GameOnline.agd
病毒: Trojan.PSW.Win32.GameOnline.zy
病毒: Trojan.PSW.Win32.QQHX.try
病毒: Trojan.PSW.Win32.XYOnline.sg
病毒: Trojan.PSW.Win32.TLOnline.jjn
病毒: Trojan.PSW.Win32.XYOnline.sn
病毒: Trojan.PSW.Win32.XYOnline.sf
病毒: Trojan.PSW.Win32.RocOnline.hv
病毒: Trojan.PSW.Win32.XYOnline.sg
病毒: Trojan.PSW.Win32.XYOnline.sf
病毒: Trojan.PSW.Win32.GameOnline.ahg
病毒: Trojan.PSW.Win32.GameOnline.zy
病毒: Trojan.PSW.Win32.QQSG.ac
病毒: Trojan.PSW.Win32.XYOnline.sn
病毒: Trojan.PSW.Win32.GameOnline.agy
病毒: Trojan.PSW.Win32.YBOnline.bx
病毒: Win32.Logogo.b           

用户来源:互联网

软件版本:20.18.62


日期: 18.11.2007  时间:18:54:29
已开启反隐藏功能.
已扫描的磁盘,文件夹及文件:C:\样本1.rar; C:\1.rar
C:\样本1.rar >>RAR >>LotusHlp.dll - Win32/PSW.OnLineGames.HCV 木马
C:\样本1.rar >>RAR >>00026.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>wd.exe - 是正常的
C:\样本1.rar >>RAR >>mhlm.exe >>FSG v2.0 - 是正常的
C:\样本1.rar >>RAR >>00013.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>00014.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>00015.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>00016.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>00017.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>00018.exe - Win32/PSW.OnLineGames.NGU 木马
C:\样本1.rar >>RAR >>00019.exe - 可能是 Win32/PSW.OnLineGames.NGU 木马 的一个变种
C:\样本1.rar >>RAR >>00020.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>000.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>mylm.exe >>FSG v2.0 - 是正常的
C:\样本1.rar >>RAR >>avwldmn.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>avzxfmn.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>kapjezy.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>kawdezy.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>ratbjpi.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>wsjrezx.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>wszjazx.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>rarjdpi.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>kaqhizy.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>kvmxhma.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>ratbipi.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>kvdxjma.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>kvdxsima.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>raqjdpi.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>rsmyhpm.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>rsztjpm.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>00001.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>00002.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>00003.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>00005.exe - 可能是 Win32/PSW.OnLineGames.NFL 木马 的一个变种
C:\样本1.rar >>RAR >>00006.exe - 可能是 Win32/AutoRun.Q 蠕虫 的一个变种
C:\样本1.rar >>RAR >>00007.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>00008.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>00009.exe - Win32/PSW.OnLineGames.NGU 木马
C:\样本1.rar >>RAR >>00004.exe - 可能是 Win32/PSW.OnLineGames.NGU 木马 的一个变种
C:\样本1.rar >>RAR >>00010.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>00011.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>00012.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>00021.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本1.rar >>RAR >>Wn_Sys8x.Sys - 可能是 Win32/AutoRun.Q 蠕虫 的一个变种
C:\样本1.rar - 多重感染 - 已删除
C:\1.rar >>RAR >>1.exe - 未查明的 NewHeur_PE 病毒 [7]
C:\1.rar - 未查明的 NewHeur_PE 病毒 [7] - 已删除
已扫描的文件数目:47
已发现的病毒数目:42
已清除病毒的文件数目:2
完成时间: 18:54:41 总扫描时间:12 秒 (00:00:12)

浪滔天
Posted on 2007-11-18 19:28:56

Kaspersky: 43

已删除: 木马程序 Trojan.Win32.Small.ug        文件: F:\病毒样本\样本1.rar/mhlm.exe//FSG
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iby        文件: F:\病毒样本\样本1.rar/Wn_Sys8x.Sys
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iby        文件: F:\病毒样本\样本1.rar/00006.exe//UPX
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ibr        文件: F:\病毒样本\样本1.rar/wszjazx.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ibr        文件: F:\病毒样本\样本1.rar/00026.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ibn        文件: F:\病毒样本\样本1.rar/00011.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ibn        文件: F:\病毒样本\样本1.rar/00008.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hzu        文件: F:\病毒样本\样本1.rar/kapjezy.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hzu        文件: F:\病毒样本\样本1.rar/00016.exe//UPack//#
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hzt        文件: F:\病毒样本\样本1.rar/LotusHlp.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hzt        文件: F:\病毒样本\样本1.rar/00005.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hze        文件: F:\病毒样本\样本1.rar/rsztjpm.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hza        文件: F:\病毒样本\样本1.rar/kaqhizy.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hyj        文件: F:\病毒样本\样本1.rar/rsmyhpm.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hyc        文件: F:\病毒样本\样本1.rar/avzxfmn.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hxx        文件: F:\病毒样本\样本1.rar/00013.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hxs        文件: F:\病毒样本\样本1.rar/00010.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hxg        文件: F:\病毒样本\样本1.rar/kvdxjma.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hxe        文件: F:\病毒样本\样本1.rar/ratbjpi.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hxc        文件: F:\病毒样本\样本1.rar/00014.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hxc        文件: F:\病毒样本\样本1.rar/000.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hwt        文件: F:\病毒样本\样本1.rar/kvdxsima.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hwt        文件: F:\病毒样本\样本1.rar/00003.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.htv        文件: F:\病毒样本\样本1.rar/kvmxhma.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.htv        文件: F:\病毒样本\样本1.rar/00002.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.htv        文件: F:\病毒样本\样本1.rar/00001.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hte        文件: F:\病毒样本\样本1.rar/00015.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hsn        文件: F:\病毒样本\样本1.rar/00012.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hqh        文件: F:\病毒样本\样本1.rar/00019.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hqh        文件: F:\病毒样本\样本1.rar/00018.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hqh        文件: F:\病毒样本\样本1.rar/00009.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hqh        文件: F:\病毒样本\样本1.rar/00004.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hor        文件: F:\病毒样本\样本1.rar/raqjdpi.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hop        文件: F:\病毒样本\样本1.rar/kawdezy.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hoo        文件: F:\病毒样本\样本1.rar/wsjrezx.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hod        文件: F:\病毒样本\样本1.rar/ratbipi.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hod        文件: F:\病毒样本\样本1.rar/00021.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hod        文件: F:\病毒样本\样本1.rar/00017.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hit        文件: F:\病毒样本\样本1.rar/rarjdpi.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hit        文件: F:\病毒样本\样本1.rar/00007.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hhb        文件: F:\病毒样本\样本1.rar/avwldmn.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gwy        文件: F:\病毒样本\样本1.rar/00020.exe//UPack
已删除: 病毒 Worm.Win32.AutoRun.bq        文件: F:\病毒样本\1.rar/1.exe//UPack
Copyright © KaFan  KaFan.cn All Rights Reserved.